CVE-2009-3489

CVE Database · CVE-2009-3489

CVE-2009-3489

· HIGHModified

CVSS v3.1

7.8

EPSS

1.95%

Published

Sep 30, 2009

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBAdobe Photoshop Elements - Active File Monitor Service Privilege Escalation Exploit-DBAdobe Photoshop Elements 8.0 - Active File Monitor Privilege Escalation

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-732

Affected Products (1)

adobe · photoshop_elementsvulnerable

References (14)

http://blogs.adobe.com/psirt/2009/09/potential_photoshop_elements_8.html

Broken Link

http://retrogod.altervista.org/9sg_adobe_pe_local.html

Broken LinkExploit

http://secunia.com/advisories/36895